[OpenID-Specs-eKYC-IDA] Data minimization in the previously granted clasims access

Nat Sakimura nat at sakimura.org
Wed Mar 11 05:06:43 UTC 2020


Hi

I was wondering if it has already come up but I have a use-case where 
only a subset of (verified) claims are needed from time to time.
For example, I may need to get the Nationa ID number, address, DoB etc. 
in the first request, but in the subsequent request, I may just need the 
address as that is the only dynamic claim.

Presumably, I can use the previously obtained access token for this 
purpose as it is just down scoping, but I am not aware of a standardized 
way of sending "give me only this claim and nothing else" request to the 
Userinfo endpoint. From the data minimization point of view, this is 
pretty important.

Has this been discussed in this WG before?

Best,

Nat Sakimura


More information about the Openid-specs-ekyc-ida mailing list